laipower/wp-content/plugins/wpscan/security-checks/https/check.php

<?php

/**
 * Classname: WPScan\Checks\https
 */

namespace WPScan\Checks;

// Exit if accessed directly.
defined( 'ABSPATH' ) || exit;

/**
 * HTTPS.
 *
 * Checks if the website is using HTTPS.
 *
 * @since 1.14.0
 */
class https extends Check {
  /**
   * Title.
   *
   * @since 1.14.0
   * @access public
   * @return string
   */
  public function title() {
    return __( 'Website HTTPS', 'wpscan' );
  }

  /**
   * Description.
   *
   * @since 1.14.0
   * @access public
   * @return string
   */
  public function description() {
      return __( 'Checks if your website is using HTTPS encryption for communications.', 'wpscan' );
  }

  /**
   * Success message.
   *
   * @since 1.14.0
   * @access public
   * @return string
   */
  public function success_message() {
      return __( 'Your website seems to be using HTTPS', 'wpscan' );
  }

  /**
   * Perform the check and save the results.
   *
   * @since 1.14.0
   * @access public
   * @return void
   */
  public function perform() {
    $vulnerabilities = $this->get_vulnerabilities();

    $wp_url   = get_bloginfo( 'wpurl' );
    $site_url = get_bloginfo( 'url' );

    // Check if the current page is using HTTPS.
    if ( 'https' !== substr( $wp_url, 0, 5 ) || 'https' !== substr( $site_url, 0, 5 ) ) {
      // No HTTPS used.
      $this->add_vulnerability( __( 'The website does not seem to be using HTTPS (SSL/TLS) encryption for communications.', 'wpscan' ), 'high', 'https', 'https://blog.wpscan.com/wordpress-ssl-tls-https-encryption/' );
    }
  }
}
installed plugin `WPScan` version 1.15.1 2021-05-13 11:27:50 +00:00			`<?php`

			`/**`
			`* Classname: WPScan\Checks\https`
			`*/`

			`namespace WPScan\Checks;`

			`// Exit if accessed directly.`
			`defined( 'ABSPATH' ) \|\| exit;`

			`/**`
			`* HTTPS.`
			`*`
			`* Checks if the website is using HTTPS.`
			`*`
			`* @since 1.14.0`
			`*/`
			`class https extends Check {`
			`/**`
			`* Title.`
			`*`
			`* @since 1.14.0`
			`* @access public`
			`* @return string`
			`*/`
			`public function title() {`
			`return __( 'Website HTTPS', 'wpscan' );`
			`}`

			`/**`
			`* Description.`
			`*`
			`* @since 1.14.0`
			`* @access public`
			`* @return string`
			`*/`
			`public function description() {`
			`return __( 'Checks if your website is using HTTPS encryption for communications.', 'wpscan' );`
			`}`

			`/**`
			`* Success message.`
			`*`
			`* @since 1.14.0`
			`* @access public`
			`* @return string`
			`*/`
			`public function success_message() {`
			`return __( 'Your website seems to be using HTTPS', 'wpscan' );`
			`}`

			`/**`
			`* Perform the check and save the results.`
			`*`
			`* @since 1.14.0`
			`* @access public`
			`* @return void`
			`*/`
			`public function perform() {`
			`$vulnerabilities = $this->get_vulnerabilities();`

			`$wp_url = get_bloginfo( 'wpurl' );`
			`$site_url = get_bloginfo( 'url' );`

			`// Check if the current page is using HTTPS.`
			`if ( 'https' !== substr( $wp_url, 0, 5 ) \|\| 'https' !== substr( $site_url, 0, 5 ) ) {`
			`// No HTTPS used.`
updated plugin `WPScan` version 1.15.4 2021-07-25 23:25:13 +00:00			`$this->add_vulnerability( __( 'The website does not seem to be using HTTPS (SSL/TLS) encryption for communications.', 'wpscan' ), 'high', 'https', 'https://blog.wpscan.com/wordpress-ssl-tls-https-encryption/' );`
installed plugin `WPScan` version 1.15.1 2021-05-13 11:27:50 +00:00			`}`
			`}`
			`}`